All Implemented Interfaces:
ApiRequest<Verify.Request>
Enclosing class:
Verify

public static class Verify.Request extends VaultRequest<Verify.Request>
Request object. Can be configured with additional headers, query parameters etc.
  • Method Details

    • builder

      public static Verify.Request builder()
      Fluent API builder for configuring a request. The request builder is passed as is, without a build method. The equivalent of a build method is ApiJsonBuilder.toJson(jakarta.json.JsonBuilderFactory) used by the RestApi.
      Returns:
      new request builder
    • digestKeyName

      public Verify.Request digestKeyName(String signatureKeyName)
      Specifies the name of the encryption key to verify against. Required.
      Parameters:
      signatureKeyName - name of the key
      Returns:
      updated request
    • data

      public Verify.Request data(Base64Value value)
      The data to sign.
      Parameters:
      value - value to encrypt
      Returns:
      updated request
      See Also:
    • signature

      public Verify.Request signature(String signature)
      Specifies the signature output from the /transit/sign function. Either this must be supplied or hmac must be supplied.
      Parameters:
      signature - signature string as provided by TransitSecretsRx.sign(io.helidon.integrations.vault.secrets.transit.Sign.Request)
      Returns:
      updated request
    • hmac

      public Verify.Request hmac(String hmac)
      Specifies the signature output from the /transit/hmac function. Either this must be supplied or signature must be supplied.
      Parameters:
      hmac - hmac sting as provided by transit hmac
      Returns:
      updated request
    • context

      public Verify.Request context(Base64Value value)
      Specifies the context for key derivation. This is required if key derivation is enabled for this key; currently only available with ed25519 keys.
      Parameters:
      value - context
      Returns:
      updated request
    • preHashed

      public Verify.Request preHashed(boolean preHashed)
      Set to true when the input is already hashed. If the key type is rsa-2048, rsa-3072 or rsa-4096, then the algorithm used to hash the input should be indicated by the hash_algorithm parameter. Just as the value to sign should be the base64-encoded representation of the exact binary data you want signed, when set, input is expected to be base64-encoded binary hashed data, not hex-formatted. (As an example, on the command line, you could generate a suitable input via openssl dgst -sha256 -binary | base64.).
      Parameters:
      preHashed - whether the data is pre hashed or not
      Returns:
      updated erqust
    • signatureAlgorithm

      public Verify.Request signatureAlgorithm(String signatureAlgorithm)
      When using a RSA key, specifies the RSA signature algorithm to use for signing. Supported signature types are: pss pkcs1v15 See signature algorithm constants on this class.
      Parameters:
      signatureAlgorithm - signature algorithm to use
      Returns:
      updated request
    • marshalingAlgorithm

      public Verify.Request marshalingAlgorithm(String marshalingAlgorithm)
      Specifies the way in which the signature should be marshaled. This currently only applies to ECDSA keys. Supported types are: asn1: The default, used by OpenSSL and X.509 jws: The version used by JWS (and thus for JWTs). Selecting this will also change the output encoding to URL-safe Base64 encoding instead of standard Base64-encoding.
      Parameters:
      marshalingAlgorithm - marshaling algorithm
      Returns:
      udpated request
    • hashAlgorithm

      public Verify.Request hashAlgorithm(String hashAlgorithm)
      Specifies the hash algorithm to use for supporting key types (notably, not including ed25519 which specifies its own hash algorithm). See hash algorithm constants on this class.
      Parameters:
      hashAlgorithm - algorithm to use
      Returns:
      updated request